Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3338
Views
0
Helpful
4
Replies

One VLAN can be a system VLAN on one port but a regular VLAN on another in the same ESX host?!

mhasabal
Level 1
Level 1

‎10-21-2010 08:03 PM

anyone can explain that please. thanks in advance

http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3/getting_started/configuration/guide/n1000v_gsg_1overview.html

Labels:
0 Helpful
4 Replies 4

Robert Burns
Cisco Employee
Cisco Employee

‎10-21-2010 10:53 PM

A Port profile with a System VLAN defined allows associated virtual interfaces to forward traffic.  This is relevant when there are certain VLANs that need to be up & forwarding to faciliate the initial communication between the VEM & VSM.  Normally these will include Control, Packet, Management (Service Console or Mgmt VMkernel) and IP Storage VLANs.  All other VLANs can be regular VLANs, and require the VEM to receive programming from the VSM before putting them into a fowarding state.

There are TWO places a system vlan needs to be defined for it to take effect.

1. Ethernet Uplink Port Profile

2. vEth Port Profile

This two-way requirement allow you to treat Port Profiles different, even if they share a common VLAN.

Case Example

=============

Control & Packet VLAN = 3001

Management Service Console = 3002

VM Data Traffic = 3002

Let's say all my VSM's connections (Control, Mgmt & Packet) are hosted on the 1000v.  I'll want my Control, Packet and Managment traffic to behave as a "system vlan". But as you can see my VM Data shares the same VLAN ID with my Management.  With the 2-factor system vlan config requirement I can treat virtual interfaces differently based on how their vEth profiles are defined, even if they share the same VLAN.

This is how it would look.

port-profile type vethernet dvs_Control-Packet
  vmware port-group
  switchport mode access
  switchport access vlan 3001
  no shutdown
  system vlan 3001  <== Define vlan 3001 as a system vlan in vEth port profile
   state enabled


port-profile type vethernet dvs_ServiceConsole
  vmware port-group
  switchport mode access
  switchport access vlan 19
  no shutdown
  system vlan 19  <=== Define vlan 19 as a system vlan in vEth port profile
  state enabled


port-profile type vethernet dvs_VM-Data
  vmware port-group
  switchport mode access
  switchport access vlan 19   <=== No system vlan define!
  no shutdown
  state enabled


port-profile type ethernet system-uplink
  vmware port-group
  switchport mode trunk
  switchport trunk allowed vlan 19,21-22,25,99,200,900,1000,1004,3000-3002,3005
  channel-group auto mode on mac-pinning
  no shutdown
  system vlan 19,3001 <== Only Port Profiles with a "matching" vEth Port Profile system VLAN are treated as such.
  state enabled

Result:

Control Traffic = Always forwarding

Packet Traffic = Always forwarding

Management Traffic = Always forwarding

VM Data Traffic = Forwarding after VEM receives programming from VSM

Hope this clears it up.

Robert

0 Helpful

mhasabal
Level 1
Level 1
In response to Robert Burns

‎10-22-2010 12:51 PM

thank you so much Robert. your answer helped me a lot.

0 Helpful

stumcewan
Level 1
Level 1
In response to mhasabal

‎11-28-2010 01:40 AM

Can you attach standard VM's to this port profile too? Can the vCenter server be on the same port profile?

0 Helpful

Robert Burns
Cisco Employee
Cisco Employee
In response to stumcewan

‎11-28-2010 02:15 PM

Any VM can utilize any "vEthernet" Port Profile.  This includes vCenter.

Robert

0 Helpful
Customers Also Viewed These Support Documents